Shot in the dark but does anyone know if there is a way to keep an encrypted
string conformed to RFC 2109? I am obviously trying to encrypt/decrypt some
cookie values.
Hmm, top of page 4 in RFC 2109 says
"The VALUE is opaque to the user agent and may be anything the origin
server chooses to send, possibly in a server-selected printable ASCII
encoding."
so I guess that means something like base64 encoding (RFC 2045) will do.
At least, I've pretty much used base64 every time I needed to
ASCII-encode binary data over HTTP, so I would be surprised if it do not
work with cookie values (as long as the values are not too long, which I
believe is 4096 bytes for the whole cookie).
Regards,